)]}'
{
  "commit": "be57a039071a451763adc6c3456b7d79ca1999bb",
  "tree": "391ebab65e54c88c0b101a137371b283c5fd3812",
  "parents": [
    "3536e4d4923e76486167c85c2b09a1cf4ca5502d"
  ],
  "author": {
    "name": "Serge Bazanski",
    "email": "serge@nexantic.com",
    "time": "Tue May 11 13:41:52 2021 +0200"
  },
  "committer": {
    "name": "Leopold Schabel",
    "email": "leo@nexantic.com",
    "time": "Tue May 11 13:42:23 2021 +0200"
  },
  "message": "m/test/launch: fix TPM tempdir permissions, wrap errors\n\nOn Linux, the following generally fails:\n\n    $ cd /tmp\n    $ mkdir test\n    $ cd test/\n    $ chmod 644 .\n    $ touch foo\n    touch: cannot touch \u0027foo\u0027: Permission denied\n\nThis changes our launch code to create a temporary TPM directory with\n755 instead of 644 permissions, preventing a situation like above\nmanifesting in our new CI.\n\nThis didn\u0027t manifest before as we always ran builds through podman, and\nthere this behaviour doesn\u0027t appear to hold, probably because we are uid\n0 there:\n\n    $ podman exec -it monogon-dev bash\n    bash-5.0# id\n    uid\u003d0(root) gid\u003d0(root) groups\u003d0(root) context\u003dunconfined_u:system_r:spc_t:s0\n    bash-5.0# cd /tmp/\n    bash-5.0# mkdir test\n    bash-5.0# cd test/\n    bash-5.0# chmod 644 .\n    bash-5.0# touch foo\n\nWe also drive-by some unwrapped error returns to be a bit more helpful.\n\nTest Plan: Tested on new CI, manually.\n\nX-Origin-Diff: phab/D773\nGitOrigin-RevId: 5a55a7878109717f0c17251a659dfc6ee04b94f4\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "85e0a21155042f3bf7894221b9bba525624a29b1",
      "old_mode": 33188,
      "old_path": "metropolis/test/launch/launch.go",
      "new_id": "df36685c43d14a7bba09e0eb531fd611e398fc29",
      "new_mode": 33188,
      "new_path": "metropolis/test/launch/launch.go"
    }
  ]
}